// skip unnecessary retry to build inclusion polygon if previous fence points have not changed
if (_inclusion_polygon_update_ms == fence->polyfence().get_inclusion_polygon_update_ms()) {
return false;
}
// *[ERROR] 'fence' null pointer dereference*
_inclusion_polygon_update_ms = fence->polyfence().get_inclusion_polygon_update_ms();
if (fence == nullptr) {
err_id = AP_OADijkstra_Error::DIJKSTRA_ERROR_FENCE_DISABLED;
return false;
}
null pointer dereference
Path: libraries/AC_Module/AP_Module.cpp, line 63
// found a hook in this module, add it to the list
struct hook_list *h = new hook_list;
if (h == nullptr) {
AP_HAL::panic("Failed to allocate hook for %s", hook_names[i]);
}
h->next = hooks[i]; // *[ERROR] 'h' null pointer dereference*
h->symbol = s;
hooks[i] = h;
found_hooks++;
}
}
Resource leak
Path: libraries/Tools/UDP_Proxy/udpproxy.c, 60 line
res = socket(AF_INET, SOCK_DGRAM, 0);
if (res == -1) {
fprintf(stderr, âsocket failed\nâ); return -1;
return -1;
}
We could burn bytes to catch these - but fence is a prereq for avoidance
and if fence is compiled the pointer is never nullptr.
I donât feel a burning desire to make a PR for these cases unless the
nullptr deref can happen with our existing code.
null pointer dereference
Path: libraries/AC_Module/AP_Module.cpp, line 63
// found a hook in this module, add it to the list
struct hook_list *h = new hook_list;
if (h == nullptr) {
AP_HAL::panic("Failed to allocate hook for %s", hook_names[i]);
}
h->next = hooks[i]; // *[ERROR] 'h' null pointer dereference*
The nullptr check is right there
My guess is that the analysis tool youâre using is not understanding the
âdoes not returnâ attribute we have on AP_HAL::panic()
Resource leak
Path: libraries/Tools/UDP_Proxy/udpproxy.c, 60 line
res = socket(AF_INET, SOCK_DGRAM, 0);
if (res == -1) {
fprintf(stderr, âsocket failed\nâ); return -1;
return -1;
}
Thanks for sharing and pointing this out. For the first one we merged a fix just last week. https://github.com/ArduPilot/ardupilot/pull/18277. This is not included in Copter/Rove-4.1 but hopefully it isnât critical so it can wait for a point release or 4.2
I think PeterBâs answered most of the others. txs again